Privacy Policy

1) Quick Summary (not a substitute for the full policy)

• We collect account data, booking details, device identifiers, location (with permission), and payment metadata (via processors like Stripe). We don’t store full card numbers.
• We use data to operate the app, process payments, show nearby runs, prevent fraud, and improve features.
• You control certain permissions (location, notifications), and you have rights to access, delete, or correct your data subject to applicable law.

2) Information We Collect

2.1 Information you provide

• Account & profile: name, email, phone, birthdate (for eligibility), profile photo, preferred sports/skill level.
• Bookings & participation: runs joined/hosted, party size/guests, waivers and e-signatures, messages you send in the app.
• Support: feedback, bug reports, survey responses.

2.2 Information we collect automatically

• Device & usage: app version, device type, OS, IP address, language, crash logs, performance metrics.
• Location data: precise or approximate location when you grant permission, used to show nearby runs and enhance safety features.
• Cookies & similar tech (web): cookies, local storage, and analytics tags for session management and usage insights.

2.3 Information from third parties

• Payments: limited payment metadata from processors (e.g., Stripe) such as card brand, last 4 digits, tokenized IDs, and status (authorized/captured/refunded). We do not store full payment card numbers.
• Messaging & push: device tokens from Apple/Google for notifications.
• Maps & geocoding: data from mapping providers (e.g., Google Maps) to convert coordinates and display venues.

3) How We Use Information

• Operate, maintain, and improve the Service.
• Process bookings, payments, refunds, and waitlists.
• Show runs near you and provide navigation and reminders.
• Enable messaging, notifications, and account management.
• Ensure safety, verify accounts, detect/prevent fraud and abuse.
• Comply with laws, enforce Terms, and protect our rights and users.
• Research and analytics to improve features and user experience.
• Communications: transactional emails/SMS, service updates, and—where permitted—optional marketing (you can opt out).

4) How We Share Information

• With hosts/participants: limited profile details needed to coordinate a run (e.g., first name, profile photo/initials, and confirmation status).
• Service providers: payment processing (e.g., Stripe), cloud hosting, analytics, messaging, customer support tools, and anti‑fraud vendors.
• Legal & safety: to comply with law, respond to legal process, or protect rights, property, safety of users, the public, or RunItUp.
• Business transfers: during a merger, acquisition, financing, or sale of assets.

5) Legal Bases (EEA/UK/Switzerland)

• Contract: to provide the Service you request (account, bookings, payments).
• Legitimate interests: to secure and improve the Service, prevent fraud, and perform analytics.
• Consent: for certain uses like precise location, notifications, or marketing where required. You can withdraw consent at any time.
• Legal obligation: to comply with accounting, tax, and other laws.

6) Data Retention

We keep information only as long as necessary for the purposes described above, including maintaining account history, resolving disputes, enforcing agreements, and complying with legal obligations. Retention periods vary by data type and applicable law.

7) Security

We implement administrative, technical, and physical safeguards designed to protect information. No system is perfectly secure; you are responsible for safeguarding your account credentials and promptly notifying us of suspected unauthorized access.

8) Children’s Privacy

The Service is not directed to children under 13. If you are under 18 (or the age of majority where you live), you may use the Service only with consent of a parent or legal guardian. If we learn we have collected personal data from a child in violation of law, we will delete it.

9) Your Choices & Controls

• Device permissions: you can disable location or notifications in your OS settings; some features may not work without them.
• Marketing preferences: you can opt out of marketing emails/SMS via provided links or in‑app settings.
• Cookies (web): use browser settings to manage cookies; some cookies are essential.

10) Your Privacy Rights

10.1 EEA/UK/Swiss users (GDPR)

• Right of access, rectification, erasure, restriction, portability, and objection.
• Right to withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint with a supervisory authority.

10.2 California residents (CPRA)

• Right to know/access, delete, correct, and to limit use of sensitive personal information.
• We do not sell personal information as defined by CPRA. We may “share” for cross‑context behavioral advertising only if/when you opt in (if applicable), and you can opt out at any time.
• Non‑discrimination for exercising your rights.

10.3 Virginia/Colorado/Connecticut/Utah and other U.S. state laws

• Depending on your state, you may have similar rights to access, delete, correct, and opt out of targeted advertising or profiling. We honor valid requests as required by law.

To exercise rights: email runitupsupport@runit-up.com or use in‑app settings where available. We may need to verify your identity.

11) International Transfers

We may process and store information in the United States and other countries where we or our service providers operate. When transferring personal data from the EEA/UK/Switzerland, we rely on appropriate safeguards (e.g., standard contractual clauses) as required by law.

12) Payments

Payments are processed by third‑party processors (e.g., Stripe). We receive limited metadata (e.g., last 4 digits, card brand, token, status) and do not store full payment card numbers. Your use of payment services is subject to the processor’s terms and privacy policy.

13) Communications

• Transactional: booking confirmations, reminders, receipts, account alerts.
• Service & policy updates: notices about changes to the Service or this Policy.
• Marketing: with your consent where required; you can opt out.

14) Analytics & Tracking

We use analytics tools (e.g., Firebase, first‑party analytics) to understand usage patterns and improve the Service. We do not use precise location for advertising without consent where required.

15) User Content & Social Features

Content you post (e.g., messages, photos, team names) may be visible to other participants and hosts as designed by the Service. Please do not share sensitive personal information in public areas.

16) “Do Not Track”

Your browser may offer a “Do Not Track” signal. We currently do not respond to DNT signals. You can use other controls described above to manage tracking.

17) Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the “Last updated” date, posting in‑app notices, or sending communications as appropriate. Your continued use of the Service means you accept the updated Policy.

18) Contact Us

---

Using RunItUp means you consent to this Privacy Policy. If you disagree, please discontinue use of the Service.